summaryrefslogtreecommitdiff
path: root/methods/server.cc
Commit message (Collapse)AuthorAgeFilesLines
* act on various suggestions from cppcheckDavid Kalnischkies2016-01-261-1/+2
| | | | | Reported-By: cppcheck Git-Dch: Ignore
* Only enable pipelining if server is HTTP/1.1Julian Andres Klode2016-01-121-0/+8
| | | | | | | Just enabling it for anyone breaks with HTTP/1.0 servers and proxies sometimes. Closes: #810796
* Convert most callers of isspace() to isspace_ascii()Julian Andres Klode2015-12-271-1/+1
| | | | | This converts all callers that read machine-generated data, callers that might work with user input are not converted.
* allow acquire method specific options via Binary scopeDavid Kalnischkies2015-11-051-13/+2
| | | | | | | | Allows users who know what they are getting themselves into with this trick to e.g. disable privilege dropping for e.g. file:// until they can fix up the permissions on those repositories. It helps also the test framework and people with a similar setup (= me) to run in less modified environments.
* wrap every unlink call to check for != /dev/nullDavid Kalnischkies2015-11-041-2/+2
| | | | | | | | | | | | | | | | Unlinking /dev/null is bad, we shouldn't do that. Also, we should print at least a warning if we tried to unlink a file but didn't manage to pull it of (ignoring the case were the file is /dev/null or doesn't exist in the first place). This got triggered by a relatively unlikely to cause problem in pkgAcquire::Worker::PrepareFiles which would while temporary uncompressed files (which are set to keep compressed) figure out that to files are the same and prepare for sharing by deleting them. Bad move. That also shows why not printing a warning is a bad idea as this hide the error for in non-root test runs. Git-Dch: Ignore
* fix two memory leaks reported by gccDavid Kalnischkies2015-09-141-8/+9
| | | | | Reported-By: gcc -fsanitize=address -fno-sanitize=vptr Git-Dch: Ignore
* fix various typos reported by codespellDavid Kalnischkies2015-08-271-2/+2
| | | | Reported-By: codespell
* Merge branch 'debian/sid' into debian/experimentalMichael Vogt2015-05-221-14/+24
|\ | | | | | | | | | | | | | | | | Conflicts: apt-pkg/pkgcache.h debian/changelog methods/https.cc methods/server.cc test/integration/test-apt-download-progress
| * Rename "Size" in ServerState to TotalFileSizeMichael Vogt2015-05-221-10/+10
| | | | | | | | | | | | | | | | The variable "Size" was misleading and caused bug #1445239. To avoid similar issues in the future, rename it to make the meaning more obvious. git-dch: ignore
| * Fix endless loop in apt-get update that can cause disk fillupMichael Vogt2015-05-221-5/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The apt http code parses Content-Length and Content-Range. For both requests the variable "Size" is used and the semantic for this Size is the total file size. However Content-Length is not the entire file size for partital file requests. For servers that send the Content-Range header first and then the Content-Length header this can lead to globbing of Size so that its less than the real file size. This may lead to a subsequent passing of a negative number into the CircleBuf which leads to a endless loop that writes data. Thanks to Anton Blanchard for the analysis and initial patch. LP: #1445239
* | detect 416 complete file in partial by expected hashDavid Kalnischkies2015-05-121-3/+16
| | | | | | | | | | | | | | If we have the expected hashes we can check with them if the file we have in partial we got a 416 for is the expected file. We detected this with same-size before, but not every server sends a good Content-Range header with a 416 response.
* | calculate hashes while downloading in httpsDavid Kalnischkies2015-04-191-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | We do this in HTTP already to give the CPU some exercise while the disk is heavily spinning (or flashing?) to store the data avoiding the need to reread the entire file again later on to calculate the hashes – which happens outside of the eyes of progress reporting, so you might ended up with a bunch of https workers 'stuck' at 100% while they were busy calculating hashes. This is a bummer for everyone using apt as a connection speedtest as the https method works slower now (not really, it just isn't reporting done too early anymore).
* | calculate only expected hashes in methodsDavid Kalnischkies2015-04-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Methods get told which hashes are expected by the acquire system, which means we can use this list to restrict what we calculate in the methods as any extra we are calculating is wasted effort as we can't compare it with anything anyway. Adding support for a new hash algorithm is therefore 'free' now and if a algorithm is no longer provided in a repository for a file, we automatically stop calculating it. In practice this results in a speed-up in Debian as we don't have SHA512 here (so far), so we practically stop calculating it.
* | derive more of https from http methodDavid Kalnischkies2015-03-161-1/+6
| | | | | | | | | | | | | | | | | | Bug #778375 uncovered that https wasn't properly integrated in the class family tree of http as it was supposed to be leading to a NULL pointer dereference. Fixing this 'properly' was deemed to much diff for practically no gain that late in the release, so commit 0c2dc43d4fe1d026650b5e2920a021557f9534a6 just fixed the synptom, while this commit here is fixing the cause plus adding a test.
* | merge debian/sid into debian/experimentalDavid Kalnischkies2015-03-161-1/+1
|\|
| * Fix crash in the apt-transport-https when Owner is NULLTomasz Buchert2015-02-231-1/+1
| | | | | | | | | | | | Do not crash in ServerState::HeaderLine if there is no Owner. Closes: #778375
| * dispose http(s) 416 error page as non-contentDavid Kalnischkies2014-12-221-11/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Real webservers (like apache) actually send an error page with a 416 response, but our client didn't expect it leaving the page on the socket to be parsed as response for the next request (http) or as file content (https), which isn't what we want at all… Symptom is a "Bad header line" as html usually doesn't parse that well to an http-header. This manifests itself e.g. if we have a complete file (or larger) in partial/ which isn't discarded by If-Range as the server doesn't support it (or it is just newer, think: mirror rotation). It is a sort-of regression of 78c72d0ce22e00b194251445aae306df357d5c1a, which removed the filesize - 1 trick, but this had its own problems… To properly test this our webserver gains the ability to reply with transfer-encoding: chunked as most real webservers will use it to send the dynamically generated error pages. (The tests and their binary helpers had to be slightly modified to apply, but the patch to fix the issue itself is unchanged.) Closes: 768797
* | dispose http(s) 416 error page as non-contentDavid Kalnischkies2014-12-091-11/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Real webservers (like apache) actually send an error page with a 416 response, but our client didn't expect it leaving the page on the socket to be parsed as response for the next request (http) or as file content (https), which isn't what we want at all… Symptom is a "Bad header line" as html usually doesn't parse that well to an http-header. This manifests itself e.g. if we have a complete file (or larger) in partial/ which isn't discarded by If-Range as the server doesn't support it (or it is just newer, think: mirror rotation). It is a sort-of regression of 78c72d0ce22e00b194251445aae306df357d5c1a, which removed the filesize - 1 trick, but this had its own problems… To properly test this our webserver gains the ability to reply with transfer-encoding: chunked as most real webservers will use it to send the dynamically generated error pages. Closes: 768797
* | Fix ServerMethod::FindMaximumObjectSizeInQueue()Michael Vogt2014-10-081-1/+1
| | | | | | | | Git-Dch: ignore
* | Fix http pipeline messup detectionMichael Vogt2014-10-081-2/+14
| | | | | | | | | | | | | | | | | | The Maximum-Size protection breaks the http pipeline reorder code because it relies on that the object got fetched entirely so that it can compare the hash of the downloaded data. So instead of stopping when the Maximum-Size of the expected item is reached we only stop when the maximum size of the biggest item in the queue is reached. This way the pipeline reoder code keeps working.
* | make expected-size a maximum-size check as this is what we want at this pointMichael Vogt2014-10-071-2/+2
| |
* | make http size check workMichael Vogt2014-10-061-6/+10
|\ \
| * | fix: %i in format string (no. 1) requires 'int' but the argument type isDavid Kalnischkies2014-09-271-3/+3
| | | | | | | | | | | | | | | | | | | | | 'unsigned int' Git-Dch: Ignore Reported-By: cppcheck
| * | Merge branch 'debian/sid' into debian/experimentalMichael Vogt2014-09-231-3/+4
| |\| | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: apt-pkg/acquire-item.cc apt-pkg/acquire-item.h apt-pkg/cachefilter.h configure.ac debian/changelog
| | * Improve Debug::Acquire::http debug outputMichael Vogt2014-09-051-3/+4
| | | | | | | | | | | | | | | Prefix all answers with the URL that the answer is for. This helps when debugging and pipeline is enabled.
* | | Pass ExpectedSize to tthe backend methodMichael Vogt2014-08-261-0/+5
|/ / | | | | | | | | This ensures that we can stop downloading if the server send too much data by accident (or by a malicious attempt)
* / reenable pipelining via hashsum reordering supportDavid Kalnischkies2014-05-091-4/+42
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | Now that methods have the expected hashes available they can check if the response from the server is what they expected. Pipelining is one of those areas in which servers can mess up by not supporting it properly, which forced us to disable it for the time being. Now, we check if we got a response out of order, which we can not only use to disable pipelining automatically for the next requests, but we can fix it up just like the server responded in proper order for the current requests. To ensure that this little trick works pipelining is only attempt if we have hashsums for all the files in the chain which in theory reduces the use of pipelining usage even on the many servers which work properly, but in practice only the InRelease file (or similar such) will be requested without a hashsum – and as it is the only file requested in that stage it can't be pipelined even if we wanted to. Some minor annoyances remain: The display of the progress we have doesn't reflect this change, so it looks like the same package gets downloaded multiple times while others aren't at all. Further more, partial files are not supported in this recovery as the received data was appended to the wrong file, so the hashsum doesn't match. Both seem to be minor enough to reenable pipelining by default until further notice through to test if it really solves the problem. This therefore reverts commit 8221431757c775ee875a061b184b5f6f2330f928.
* cleanup headers and especially #includes everywhereDavid Kalnischkies2014-03-131-16/+11
| | | | | | | | Beside being a bit cleaner it hopefully also resolves oddball problems I have with high levels of parallel jobs. Git-Dch: Ignore Reported-By: iwyu (include-what-you-use)
* warning: extra ‘;’ [-Wpedantic]David Kalnischkies2014-03-131-10/+10
| | | | | Git-Dch: Ignore Reported-By: gcc -Wpedantic
* Fix typos in documentation (codespell)Michael Vogt2014-02-221-3/+3
|
* allow http protocol to switch to httpsDavid Kalnischkies2014-02-141-5/+9
| | | | | | | | | switch protocols at random is a bad idea if e.g. http can switch to file, so we limit the possibilities to http to http and http to https. As very few people (less than 1% according to popcon) have https installed this likely changes nothing in terms of failure. The commit is adding a friendly hint which package needs to be installed though.
* use utimes instead of utimensat/futimensDavid Kalnischkies2014-02-111-6/+6
| | | | | | | | | | | cppcheck complains about the obsolete utime as it was removed in POSIX1.2008 and recommends usage of utimensat/futimens instead as those are in POSIX and so commit 9ce3cfc9 switched to them. It is just that they aren't as portable as the standard suggests: At least our kFreeBSD and Hurd ports stumble over it at runtime. So to make both, the ports and cppcheck happy, we use utimes instead. Closes: 738567
* correct some style/performance/warnings from cppcheckDavid Kalnischkies2014-01-161-13/+12
| | | | | | | | The most "visible" change is from utime to utimensat/futimens as the first one isn't part of POSIX anymore. Reported-By: cppcheck Git-Dch: Ignore
* refactor http client implementationDavid Kalnischkies2013-10-011-0/+665
No effective behavior change, just shuffling big junks of code between methods and classes to split them into those strongly related to our client implementation and those implementing HTTP. The idea is to get HTTPS to a point in which most of the implementation can be shared even though the client implementations itself is completely different. This isn't anywhere near yet though, but it should beenough to reuse at least a few lines from http in https now. Git-Dch: Ignore